|
4 | 4 |
|
5 | 5 | The security playground is an HTTP web server to simulate security breaches. It allows you to read, write, and execute commands in a containerized environment. |
6 | 6 |
|
| 7 | + |
| 8 | +## Build |
| 9 | + |
| 10 | +``` |
| 11 | +$ docker build -t sysdiglabs/security-playground:latest . |
| 12 | +``` |
| 13 | + |
| 14 | + |
7 | 15 | ## Installation |
8 | 16 |
|
9 | | -Deploy the docker image in your environment. |
| 17 | +Deploy the docker image in your environment, and setup the probe health check to the `/health:8080` endpoint if required. |
| 18 | + |
| 19 | +You can also run the image locally: |
10 | 20 |
|
11 | 21 | ```bash |
12 | 22 | $ docker run --rm -p 8080:8080 sysdiglabs/security-playground |
13 | 23 | ``` |
14 | 24 |
|
15 | | -Setup the health check to the `/health` endpoint if required. |
16 | | - |
17 | 25 |
|
18 | 26 | ## Usage |
19 | 27 |
|
20 | | -The HTTP API exposes tree endpoints to interact with the system. |
| 28 | +The application provides endpoints for: |
| 29 | + - [Health checks](#health-checks) |
| 30 | + - [Reading file](#reading-a-file) |
| 31 | + - [Writing file](#writing-a-file) |
| 32 | + - [Executing commands](#executing-a-command) |
| 33 | + |
| 34 | + |
| 35 | +### Health checks |
| 36 | + |
| 37 | +The health check endpoint is `/health` on port `8080` and returns the `200` HTTP status code. |
| 38 | + |
21 | 39 |
|
22 | 40 | ### Reading a file |
23 | 41 |
|
24 | | -You can read a file using just the URL. |
| 42 | +You can retrieve a file's contents by sending a `GET` request to the application's URL. |
| 43 | + |
| 44 | +```bash |
| 45 | +$ curl <URL>:8080/<PATH> |
| 46 | +``` |
| 47 | + |
| 48 | +For example: |
25 | 49 |
|
26 | 50 | ```bash |
27 | 51 | $ curl localhost:8080/etc/shadow |
28 | 52 | ``` |
29 | 53 |
|
30 | | -This will return the content of the /etc/shadow file. |
| 54 | +This will return the content of the `/etc/shadow` file in the container running locally. |
| 55 | + |
| 56 | + |
31 | 57 |
|
32 | 58 | ### Writing a file |
33 | 59 |
|
34 | | -You can write to a file using the URL and POSTing the content. |
| 60 | +You can write data to a file by sending a `POST` request to the application's URL with the desired content. |
| 61 | + |
| 62 | +```bash |
| 63 | +$ curl -X POST <URL>:8080/<PATH> -d 'content=<CONTENT>' |
| 64 | +``` |
| 65 | + |
| 66 | +For example: |
35 | 67 |
|
36 | 68 | ```bash |
37 | 69 | $ curl -X POST localhost:8080/bin/hello -d 'content=hello-world' |
38 | 70 | ``` |
39 | 71 |
|
40 | | -This will write to /bin/hello the hello-world string |
| 72 | +This command writes the string hello-world to /bin/hello. |
| 73 | + |
| 74 | + |
41 | 75 |
|
42 | 76 | ### Executing a command |
43 | 77 |
|
44 | | -You can execute a command using the `/exec` endpoint and POSTing the command. |
| 78 | +To execute a command, send a `POST` request to the `/exec` endpoint with the command as the payload. |
| 79 | + |
| 80 | +```bash |
| 81 | +$ curl -X POST <URL>:8080/exec -d 'command=<CMD>' |
| 82 | +``` |
| 83 | + |
| 84 | +For example: |
45 | 85 |
|
46 | 86 | ```bash |
47 | | -$ curl -X POST localhost:8080/exec -d 'command=ls -la' |
| 87 | +$ curl -X POST localhost:8080/exec -d 'command=ls' |
48 | 88 | ``` |
49 | 89 |
|
50 | | -This will capture and return the STDOUT of the executed command. |
| 90 | +This will run the command and return its STDOUT output. |
0 commit comments